Since March 2023, the creators of one of the malicious scripts have emptied cryptocurrency wallets of over 63,000 victims for more than more than $58 million. This was reported by the on-chain sleuth ScamSniffer.
?1/ Alert: A ‘Wallet Drainer’ has been linked to phishing campaigns on Google search and X ads, draining approximately $58M from over 63K victims in 9 months. pic.twitter.com/ye3ob2uTtz
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 21, 2023
According to him, the attackers lured users to phishing pages, which were promoted in Google search and X ads. In total they created 10,072 fake sites. The peak of activity occurred in May, June and November.
The bulk of losses were borne by Ethereum and Arbitrum holders. One victim’s loss amounted to $24 million.
According to ScamSniffer, 60% of phishing ads on X used this exact malicious script to steal digital assets. The creators also sold the tool’s source code to external cybercriminals.
Earlier, the on-chain sleuth discovered hackers who, over a six-month period, used code fragments to gain access to the private keys of Ethereum addresses and could have stolen cryptocurrency worth $60 million.